Tagged Questions

I have successfully established an IPSec tunnel between my local Linux host and a remote VPN gateway. I am using virtual IPs assign by the gateway because being a roadwarrior my local LAN subnet is ...

Is there something like local = left which I could use in the strongSwan configuration?
I don’t want to use any IP-addresses, as they might change. And I don’t want the server to guess it, I want to ...

StrongSwan (as responder) selects a configured connection (conn section in ipsec.conf) for each incoming initiator key exchange intent.
At which times does strongSwan pick a connection configuration? ...

I am trying to set up a VPN (Strongswan + xl2tpd) between my desktop and a server in AWS both running Linux (Ubuntu) but I really am getting lost.
I believe I have the IPSec part working but I am not ...

I have implemented a StrongSwan VPN server and would like to configure it to dynamically assign IPs to the end client. The VPN works if I give it an IP range however not if I set it to DHCP.
This is ...

Posting Updated: 26.06 11:22
I'm trying to use a rasperry pi on arch linux as strongswan ikev2 server for my windows phone 8.1 smartphone. I would like to use a client certificate for authentication. ...

I have a VPN gateway which allows remote access to a network with subnet 171.30.0.0/16.
I have a local machine setup with ubuntu 14.04 and strongswan which connects to that VPN server using IKEv2 RSA ...

I am trying to set up a VPN tunnel using StrongSwan 5.1.2 between two Amazon AWS EC2 instances running Ubuntu 14.04.2 LTS. Prior to using StrongSwan, I used open(libre)swan on an Amazon RedHat AMI, ...

I've seen lots of examples where each gateway in an IPSec is configured with right=%any. I'm perplexed how these gateways find the IP to connect to (assuming both gateways are set up that way).
The ...

Apple iOS has "VPN On Demand" function. With this function the VPN connection is made whenever the device tries to connect to certain domains or to the internet at all. iOS supports "VPN On Demand" ...

My question: I can't access the other side server to get service, no ping, no telnet working. Is there something wrong on my side?
I have problem with Strongswan on centos 7 (compiled version 5.3.2). ...

This is a simplification of a bigger problem I'm experiencing, but I think it covers everything. The production issue is between a StrongSWAN VPN and a Juniper SSG550. The network setup is clearly not ...

I'm new to this - please excuse my ignorance. I have looked through many other similar questions to no avail.
Trying to set up a StrongSwan VPN such that client C can connect to host H, be assigned ...

I'm trying to wrap my head around a site-to-site VPN configuration using StrongSwan that will allow remote sites to connect to our AWS VPC. The catch is, the remote gateways will potentially be using ...

I've been playing around with StrongSwan recently as a replacement to Amazons VPN which cost money.
I'm having trouble completely configuring a IPSec tunnel between a remote server and a Ubuntu EC2 ...

I use Linux IPSec VPN-server based on strongSwan 5.2.1 with eap-mschapv2 authentication using passwords in ipsec.secrets file.
Now I need to add one more VPN-server for the same users and I want to ...

I am trying to configure a Cisco CSR1000V on AWS to create an IPSec VPN with Strongswan 5.1.2 (on Ubuntu 14.04) on another AWS machine. I can establish the VPN from the Strongswan end and it appears ...

At my end I have a StrongSwan installation, connecting to an IPSec VPN hosted by an OpenBSD box running stock isakmpd. The OpenBSD box already hosts multiple other associations, but the StrongSwan box ...

I'm struggling to adapt my firewall to restrictively allow VPN traffic of a Strongswan installation.
The problem seems to be with the INPUT chain: if I add saddr $VPN_PARTNERS ACCEPT, then it works ...

Something of a weird setup this:
There are two Virtual Private Clouds (10.100.240.0/20 = prod1 and 10.101.0.0/24 = control), which have a valid router between them.
Control hosts a VPN that is meant ...

I'm trying to implement a strongswan solution for a site to site tunnel between me and a third party vendor. My tunnel establishes fine between myself and the vendor however I am wondering if this is ...

I'm trying to connect via IPsec L2TP to a Windows Server 2012 server. Both the clients and the host are behind a NAT.
I can connect from a Windows 7 machine without any problems, but when trying to ...

I have a working OpenSWAN implementation for RA, using IPsec transport and l2tp for the tunnel, running in AWS. The instance has a private IP, with a public EIP mapped to it.
I use the private ip for ...

The backups (via Bacula) of one of my servers (“A”) connected via IPSec (Strongswan on Debian testing) to a storage daemon (“B”) don't finish 95% of the times they run.
What apparently happens, is:
...

I configured a small network on a cloud virtual machine.
This virtual machine has a static IP address assigned to eth0 interface that I'll call $EXTIP. mydomain.com points to $EXTIP.
Inside, I have ...

I have StrongSwan VPN server set up on a Debian host, and would like to run a custom script when a client connects to it. The only thing I have come up with is periodically checking the contents of ...

I'm trying to setup a strongSwan server in my home and connect to it from another network. Let's say sun is the VPN server and venus is the client. Both sun and venus are behind NAT networks. sun is ...

I'm trying to create a tunnel using StrongSwan. In order to do this, I'm creating two sh files, one for each gateway router. All I'm doing in the sh files is creating the tunnel, configuring it, and ...